...

You’re not invincible: a wake-up call for journalists and online media outlets

Commentary Materials 7 April 2014 11:00 (UTC +04:00)
Sometimes online media outlets spread a topic that focuses on a problem that is considered to be somewhat of a sleeper for ordinary internet users. Big mistake.
You’re not invincible: a wake-up call for journalists and online media outlets

Baku, Azerbaijan, April 7

By Tim Tal - Trend:

Sometimes online media outlets spread a topic that focuses on a problem that is considered to be somewhat of a sleeper for ordinary internet users. Big mistake.

In this case, hacking has become just another way of silencing someone, aside from verbal and physical threats, bribery, and so on.

On March 28, Google's security researcher Shane Huntley spoke at the Singapore Black Hat conference, where he said that major news organizations today are targets for state-sponsored attacks on security. Huntley did say that about 20 of the world's top 25 news organizations were attacked, without revealing how many of those attacks were successful.

The websites that were said to be attacked included Forbes, NY Times, and the Financial Times. The first two of these were claimed by the Syrian Electronic Army, while the New York Times attack was attributed to China.

Google has its own ways of tracking down suspicious activity. Reuters reported that security researcher Ashkan Soltani said in a Twitter post that nine of the top 25 news websites use Google for hosted email services. Security researcher Ashkan Soltani said in a Twitter post that nine of the top 25 news websites use Google for hosted email services.

Speaking of state-sponsored hacking is nothing new, as it has been going on for years. For example, not long ago the Ethiopian government was accused of using foreign technology to spy on opposition figures and journalists. Even governments sometimes stick to the "whatever it takes" solution to get the required data.

Shane Huntley's research, conducted jointly with Citizen Labs' Morgan Marquis-Boire, showcases that such online battles never stop, as hacking techniques improve alongside security.

The problem, Marquis-Boire said, was that news organizations have been slower than other businesses in recognizing the threat and taking action.

Big news organizations are on another level - they're big, and they have loud voices. Thus, they are likely to be hacked. Often, such websites are attacked because of some sensitive or false information that was published.

Huntley spoke to Reuters, where he said that more state-sponsored targeting is to be expected, as it is happening regardless of region. Yet, State-sponsored hacking is only a part of global hacking that continues to grow.

According to Reuters, Huntley believes a recent successful attack against an unnamed Western news organization involved a fake questionnaire e-mailed to its staff. This fits the general pattern of phishing, either via e-mail or malicious links in social media posts. In this case, the attacks were targeted towards journalists, who worked in big news organizations.

GO-Gulf.com, a Dubai-founded international online web application design and development company compiled an infographic in 2013, which said cyber crimes continue to grow and by 2017, the global Cyber Security market is expected to skyrocket to $120.1 billion from $63.7 billion in 2011.

Further statistics are even more mind-blowing: about 556 million of people per year fall victims to cyber crime. That is over 1.5 million people per day, and about 18 people per second. Think about that for a moment. Still sounds like a sleeper?

Truth is, there's no one stop solution for protecting against hacking attacks. Big news agencies and organizations are well aware of that, thus the most important thing is to minimize the risk, and do the utmost to protect sensitive information.

Speaking of journalists, how do they protect themselves from phishing (spam emails to be from reputable companies that try to get the receiver reveal personal information, such as passwords and credit card numbers)? The first step is of course to use a dependable email service that is able to filter out spam emails. In other words, the agency or an organization must have a plan to deal with such potential threats.

Considering that the study mentioned in the beginning of the article shows that journalists are "massively over-represented" among hacker's targets, journalists need to stay vigilant, careful and be ready to take precaution measures. Sometimes, the information or classified data is too expensive to lose.

Below are some basic tips from SSL Store that you can use to strengthen your security online:

-- Have a strong password. Memorize it. Treat it like a winning lottery ticket number.

-- No one wants to send you a million dollars all of a sudden, and no dying old woman in Nigeria wants to leave you a fortune. Don't even think about opening emails that claim "you have a price", "enter your details to get your reward", "Dear beneficiary", and so on.

-- Be smart about using your Wi-Fi. If you're working in the field as a journalist, be aware that you are using public wireless networks, especially in an unknown area.

-- Keep in mind that websites that handle online transactions through the https:// (which means the website is secured with Secure Socket Layer Certificate) are okay to use. Try to stay away from the others, if possible.

-- If necessary, use an alias when sending out sensitive information. Make sure to talk it over with your organization first.

-- Sometimes it is necessary to take risks. Before you do that, ask yourself - can you afford to lose your data?

Tags:
Latest

Latest